Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

psa_raw_key_agreement() and psa_key_derivation_key_agreement() don't work with opaque drivers #8747

Open
philipp-wallisch-nxp opened this issue Jan 25, 2024 · 0 comments
Open

psa_raw_key_agreement() and psa_key_derivation_key_agreement() don't work with opaque drivers #8747

philipp-wallisch-nxp opened this issue Jan 25, 2024 · 0 comments
Labels
component-psa PSA keystore/dispatch layer (storage, drivers, …) help-wanted This issue is not being actively worked on, but PRs welcome. size-l Estimated task size: large (2w+)

Comments

@philipp-wallisch-nxp
Copy link

Summary

PSA crypto drivers can offer transparent and opaque key agreement functions in psa_driver_wrapper_key_agreement() (the test driver also does so).

However, calling psa_raw_key_agreement() and psa_key_derivation_key_agreement() fails for opaque keys, since these functions check the input key with psa_get_and_lock_transparent_key_slot_with_policy() instead of psa_get_and_lock_key_slot_with_policy().

This is a very similar issue to #8461.

System information

Mbed TLS version: 3.5.1

Expected behavior

Calls to psa_raw_key_agreement() and psa_key_derivation_key_agreement() should work with opaque keys and hand over to the configured crypto driver via psa_key_agreement_raw_internal().

Actual behavior

Calls to psa_raw_key_agreement() and psa_key_derivation_key_agreement() with opaque keys return PSA_ERROR_NOT_SUPPORTED before reaching the crypto driver.
@paul-elliott-arm paul-elliott-arm self-assigned this Jan 26, 2024
@paul-elliott-arm paul-elliott-arm added help-wanted This issue is not being actively worked on, but PRs welcome. component-psa PSA keystore/dispatch layer (storage, drivers, …) size-l Estimated task size: large (2w+) labels Jan 26, 2024
@paul-elliott-arm paul-elliott-arm removed their assignment Feb 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
component-psa PSA keystore/dispatch layer (storage, drivers, …) help-wanted This issue is not being actively worked on, but PRs welcome. size-l Estimated task size: large (2w+)
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@paul-elliott-arm @philipp-wallisch-nxp